, schválila a dopadlo to... špatně. Log níže, nové Windows 8 jsou zaneřáděné.Prosím o radu, jak vyčistit. Log jsem vytvořil podle návodu na tomto fóru.
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 02-05-2014
Ran by Irena (administrator) on IDEA-PC on 04-05-2014 14:52:00
Running from C:\Users\Irena\Desktop
Windows 8.1 (X64) OS Language: Czech
Internet Explorer Version 11
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/downloa ... ool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/downloa ... ool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(SODATSW spol. s .r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Service.exe
(Microsoft) C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe
(SODATSW spol. s r.o.) C:\Program Files (x86)\StartW8\bin\StartW8Button.exe
(SODATSW spol. s r. o.) C:\Program Files (x86)\StartW8\bin\StartW8Menu.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft) C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(Nitro PDF Software) C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe
(Nalpeiron Ltd.) C:\Windows\SysWOW64\NLSSRV32.EXE
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(ShopperPro) C:\Program Files\Common Files\ShopperPro\spbiu.exe
(Crawler.com) C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer_Service.exe
(TPV-INVENTA TECHNOLOGY CO., LTD.) C:\Program Files (x86)\TNIOSDVolumeSync\TNISrvc.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_w32.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\Version8\tv_x64.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.23.9\GoogleCrashHandler64.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Primax Electronics Ltd.) C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\Pelico.exe
(CyberLink) C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe
() C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\LsDaemon.exe
(TPV-INVENTA TECHNOLOGY CO., LTD) C:\Program Files (x86)\TNIOSDVolumeSync\TNIOSDVolumeSync.exe
(Intel Corporation) C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe
(Dolby Laboratories Inc.) C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Irena\Desktop\FRSTLauncher.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12937872 2012-07-27] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1214608 2012-07-10] (Realtek Semiconductor)
HKLM\...\Run: [Lenovo Black Silk Input Device Main Program] => C:\Program Files\Lenovo\Lenovo Black Silk USB Keyboard\Pelico.exe [118272 2011-04-19] (Primax Electronics Ltd.)
HKLM\...\Run: [SpywareTerminatorShield] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorShield.exe [2777736 2013-10-22] (Crawler.com)
HKLM\...\Run: [SpywareTerminatorUpdater] => C:\Program Files (x86)\Spyware Terminator\SpywareTerminatorUpdate.exe [3684488 2013-10-22] (Crawler.com)
HKLM-x32\...\Run: [TNIOSDVolumeSync(x64)] => C:\Program Files (x86)\TNIOSDVolumeSync\TNIExec.exe [9728 2012-08-30] (TPV-INVENTA TECHNOLOGY CO., LTD.)
HKLM-x32\...\Run: [Lenovo Eye Distance System] => C:\Program Files\Lenovo\Lenovo Eye Distance System\Lenovo Eye Distance System.exe [270680 2012-07-19] (Lenovo)
HKLM-x32\...\Run: [YouCam Mirage] => C:\Program Files (x86)\Lenovo\YouCam\YCMMirage.exe [136488 2012-07-27] (CyberLink)
HKLM-x32\...\Run: [YouCam Tray] => C:\Program Files (x86)\Lenovo\YouCam\YouCamTray.exe [167024 2012-07-27] (CyberLink Corp.)
HKLM-x32\...\Run: [CLMLServer] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc.exe [103720 2009-12-05] (CyberLink)
HKLM-x32\...\Run: [UpdateP2GoShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink Corp.)
HKLM-x32\...\Run: [Lenovo Dynamic Brightness System] => C:\Program Files\Lenovo\Lenovo Brightness System\RunLDBS.exe [1752408 2012-07-10] (TODO: <公司名>)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-07-12] (Intel Corporation)
HKLM-x32\...\Run: [LVT] => C:\Program Files\Lenovo\LVT\LJYZ.exe [886112 2011-11-24] (Lenovo)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe [95192 2013-03-09] (CyberLink Corp.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [Dolby Advanced Audio v2] => C:\Program Files (x86)\Dolby Advanced Audio v2\pcee4.exe [508656 2012-07-25] (Dolby Laboratories Inc.)
HKLM-x32\...\Run: [StartW8Button] => C:\Program Files (x86)\StartW8\bin\StartW8Button.exe [59784 2014-03-12] (SODATSW spol. s r.o.)
HKLM-x32\...\Run: [seznam-listicka-distribuce] => C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [1062472 2013-05-16] ()
Winlogon\Notify\igfxcui: C:\WINDOWS\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-2032549354-2375922053-1315945556-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [20924576 2014-02-10] (Skype Technologies S.A.)
HKU\S-1-5-21-2032549354-2375922053-1315945556-1001\...\Run: [cz.seznam.software.autoupdate] => C:\Users\Irena\AppData\Roaming\Seznam.cz\szninstall.exe [1062472 2013-05-16] ()
HKU\S-1-5-21-2032549354-2375922053-1315945556-1001\...\Run: [cz.seznam.software.szndesktop] => C:\Users\Irena\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [92664 2013-04-12] ()
HKU\S-1-5-21-2032549354-2375922053-1315945556-1001\...\Run: [SpeedUpMyComputer] => C:\Program Files (x86)\SmartTweak\SpeedUpMyComputer\SpeedUpMyComputer.exe [2054776 2013-07-22] ()
HKU\S-1-5-21-2032549354-2375922053-1315945556-1001\...\Run: [GoobzoYouTubeAccelerator] => "C:\Program Files (x86)\YouTube Accelerator\YouTubeAccelerator.exe" /startup
HKU\S-1-5-21-2032549354-2375922053-1315945556-1001\...\Run: [FixMyRegistry] => C:\Program Files (x86)\SmartTweak\FixMyRegistry\FixMyRegistry.exe /ot /as /ss
HKU\S-1-5-21-2032549354-2375922053-1315945556-1001\...\Policies\Explorer: [NoDrives] 0x00008003
HKU\S-1-5-21-2032549354-2375922053-1315945556-1001\...\MountPoints2: {91b92749-0451-11e3-be6b-806e6f6e6963} - "D:\startdvd.exe"
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = http://www.lenovo.com
SearchScopes: HKLM - DefaultScope {132335A7-155E-49C4-8577-05E37806DC0A} URL = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
SearchScopes: HKLM - {132335A7-155E-49C4-8577-05E37806DC0A} URL = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
SearchScopes: HKLM-x32 - {132335A7-155E-49C4-8577-05E37806DC0A} URL = http://www.bing.com/search?q={searchTer ... &pc=MALNJS
SearchScopes: HKCU - {132335A7-155E-49C4-8577-05E37806DC0A} URL =
SearchScopes: HKCU - {5D20EE80-9F89-497C-A34B-903DF688B91B} URL = http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13415
SearchScopes: HKCU - {7D918446-EF3E-4A07-8CC2-7A024C5C439D} URL = http://tv.seznam.cz/hledej?w={searchTer ... arch_13415
SearchScopes: HKCU - {99563BBF-4C5C-4E75-B654-3AC137D6D895} URL = http://www.firmy.cz/?q={searchTerms}&so ... arch_13415
SearchScopes: HKCU - {A7AA3E9C-8C73-4A35-A15F-C78BC2FF3ADE} URL = http://search.seznam.cz/?q={searchTerms ... arch_13415
SearchScopes: HKCU - {A888EDB1-D8AE-4CAF-97C6-1C5B03F6568F} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {BC01AF18-83EF-4726-95FF-F0356C7AFC44} URL = http://slovnik.seznam.cz/?q={searchTerm ... arch_13415
SearchScopes: HKCU - {C80B91D8-EA9D-4E6A-86FA-8EFC3CEB324A} URL = http://www.novinky.cz/hledej?w={searchT ... arch_13415
SearchScopes: HKCU - {E88550A0-ECA4-45FD-9921-9B238FE8FF8F} URL = http://encyklopedie.seznam.cz/search?q= ... arch_13415
SearchScopes: HKCU - {ED1C53C9-E2DB-4DF1-AD39-99ABD732FC90} URL = http://www.mapy.cz/?query={searchTerms} ... arch_13415
DPF: HKLM-x32 {4FF78044-96B4-4312-A5B7-FDA3CB328095}
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Tcpip\Parameters: [DhcpNameServer] 212.96.160.7 212.96.161.6
FireFox:
========
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin-x32: @exent.com/npExentControl,version=7.1.0.1 - C:\Program Files (x86)\FreeRide Games\npExentControl.dll (Exent Technologies Ltd.)
FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro\Pro 8\npnitromozilla.dll (Nitro PDF)
FF Plugin-x32: @tools.google.com/Google Update;version=3 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 - C:\Program Files (x86)\Google\Update\1.3.23.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin-x32: http://www.exent.com/GameTreatWidget - C:\Program Files (x86)\FreeRide Games\NPGameTreatPlugin.dll No File
Chrome:
=======
CHR HomePage: hxxp://www.seznam.cz/?clid=13415
CHR StartupUrls: "hxxp://www.seznam.cz/"
CHR Extension: (Dokumenty Google) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-01-03]
CHR Extension: (Disk Google) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-01-03]
CHR Extension: (YouTube) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-01-03]
CHR Extension: (Adblock Plus) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2014-01-02]
CHR Extension: (Vyhledávání Google) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-01-03]
CHR Extension: (Peněženka Google) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-01-03]
CHR Extension: (Gmail) - C:\Users\Irena\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-01-03]
==================== Services (Whitelisted) =================
R2 Dashboard Service; C:\Program Files (x86)\Lenovo\Lenovo Dashboard\DdMgr.exe [24880 2013-01-15] (Microsoft)
R2 IdeaTouch.LocalDataServer.Education; C:\Program Files (x86)\Lenovo\EducationPortal\Services\IdeaTouch.LocalDataServer.Education.exe [7680 2012-05-17] (Microsoft)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [165664 2012-08-23] (Intel Corporation)
R2 NitroDriverReadSpool8; C:\Program Files\Common Files\Nitro\Pro\8.0\NitroPDFDriverService8x64.exe [230408 2013-05-24] (Nitro PDF Software)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2013-05-14] ()
R2 SPBIUpd; C:\Program Files\Common Files\ShopperPro\spbiu.exe [2346880 2014-04-18] (ShopperPro)
R2 ST2012_Svc; C:\Program Files (x86)\Spyware Terminator\st_rsser64.exe [1149104 2013-10-22] (Crawler.com)
R2 StartW8Service; C:\Program Files (x86)\StartW8\bin\StartW8Service.exe [620424 2014-03-12] (SODATSW spol. s .r.o.)
R2 TNISrvc; C:\Program Files (x86)\TNIOSDVolumeSync\TNISrvc.exe [53760 2012-08-30] (TPV-INVENTA TECHNOLOGY CO., LTD.)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-31] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-31] (Microsoft Corporation)
S4 YouTubeAcceleratorService; C:\PROGRA~2\YOUTUB~1\YouTubeAcceleratorService.exe -start -scm [X]
==================== Drivers (Whitelisted) ====================
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-13] (Windows (R) Win 7 DDK provider)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-10] (Intel Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2014-01-03] (Microsoft Corporation)
R3 LEMo602D; C:\Windows\system32\DRIVERS\LEMo602D.sys [24064 2011-04-19] (Primax Electronics Ltd.)
R3 LEub602D; C:\Windows\system32\DRIVERS\LEub602D.sys [18944 2011-05-17] (Primax Electronics Ltd.)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2014-01-03] (Microsoft Corporation)
R3 SPBIUpdd; C:\Program Files\Common Files\ShopperPro\spbiw.sys [41856 2014-04-18] ()
R2 sp_rsdrv2; C:\Windows\System32\DRIVERS\stflt.sys [51496 2014-05-04] (Windows (R) Win 7 DDK provider)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-11-14] (Microsoft Corporation)
R3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
R3 VMC412; C:\Windows\System32\Drivers\VMC412.sys [232576 2012-08-22] (Vimicro Corporation)
R3 vmuacflt; C:\Windows\System32\Drivers\vmuacflt.sys [13696 2012-05-02] (Vimicro Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [71680 2013-08-22] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-31] (Microsoft Corporation)
R0 WinI2C-DDC; C:\Windows\System32\drivers\DDCDrv.sys [20832 2008-04-08] (Nicomsoft Ltd.)
R0 WinI2C-DDC; C:\Windows\SysWOW64\drivers\DDCDrv.sys [15712 2010-03-23] (Nicomsoft Ltd.)
S3 wsvd; C:\Windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R2 X5XSEx_Pr148; C:\Program Files (x86)\FreeRide Games\X5XSEx_Pr148.Sys [56136 2012-08-03] (Exent Technologies Ltd.)
S3 Revoflt; system32\DRIVERS\revoflt.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-05-04 14:52 - 2014-05-04 14:52 - 00017676 _____ () C:\Users\Irena\Desktop\FRST.txt
2014-05-04 14:51 - 2014-05-04 14:52 - 00000000 ____D () C:\FRST
2014-05-04 14:51 - 2014-05-04 14:51 - 02062336 _____ (Farbar) C:\Users\Irena\Desktop\FRST64.exe
2014-05-04 14:48 - 2014-05-04 14:49 - 00112640 _____ (forum.viry.cz) C:\Users\Irena\Desktop\FRSTLauncher.exe
2014-05-04 14:16 - 2014-05-04 14:17 - 01310621 _____ () C:\Users\Irena\Downloads\adwcleaner (1).exe
2014-05-04 13:32 - 2014-05-04 14:36 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-05-04 13:32 - 2014-05-04 13:32 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2014-05-04 13:32 - 2014-05-04 13:32 - 00001065 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-05-04 13:32 - 2014-05-04 13:32 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Spyware Terminator
2014-05-04 13:32 - 2014-05-04 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-05-04 13:32 - 2014-05-04 13:32 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-05-01 19:59 - 2014-05-01 19:59 - 00021629 _____ () C:\Users\Irena\Desktop\INFO KG k dohodám.odt
2014-04-23 21:31 - 2014-04-23 21:31 - 334413632 _____ () C:\WINDOWS\MEMORY.DMP
2014-04-23 21:31 - 2014-04-23 21:31 - 00285224 _____ () C:\WINDOWS\Minidump\042314-21656-01.dmp
2014-04-23 21:31 - 2014-04-23 21:31 - 00000000 ____D () C:\WINDOWS\Minidump
2014-04-23 21:27 - 2014-04-23 21:27 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-04-23 21:27 - 2014-04-23 21:27 - 00000000 ____D () C:\ProgramData\RegClean
2014-04-23 21:24 - 2014-05-04 14:39 - 00000000 ____D () C:\AdwCleaner
2014-04-23 21:24 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\WINDOWS\SysWOW64\sqlite3.dll
2014-04-23 21:20 - 2014-04-23 21:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Irena\Downloads\revosetup.exe
2014-04-21 16:25 - 2014-04-21 16:25 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\WINDOWS\SysWOW64\AniGIF.ocx
2014-04-21 16:25 - 2014-04-21 16:25 - 00004232 _____ () C:\WINDOWS\System32\Tasks\SPBIW_UpdateTask_Time_3338353139303832352d3437415a556c2a3223346c41
2014-04-21 16:25 - 2014-04-21 16:25 - 00003444 _____ () C:\WINDOWS\System32\Tasks\YTAUpdate
2014-04-21 16:25 - 2014-04-21 16:25 - 00003258 _____ () C:\WINDOWS\System32\Tasks\YTAUpdate_logon
2014-04-21 16:25 - 2014-04-21 16:25 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-04-21 16:24 - 2014-04-21 16:24 - 00000000 ____D () C:\Users\Irena\AppData\Local\CrashRpt
2014-04-21 16:24 - 2014-01-03 14:10 - 00001186 _____ () C:\Users\Irena\Desktop\OpenOffice Writer.lnk
2014-04-21 16:22 - 2014-04-21 16:22 - 01258288 _____ () C:\Users\Irena\Downloads\startw8.exe
2014-04-09 13:11 - 2014-03-31 03:16 - 23134208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-04-09 13:11 - 2014-03-31 01:57 - 17073152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-04-09 13:11 - 2014-03-10 12:35 - 02008408 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-04-09 13:11 - 2014-03-10 12:35 - 00377176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2014-04-09 13:11 - 2014-03-06 11:19 - 01287576 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-04-09 13:11 - 2014-03-06 11:02 - 01109424 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-04-09 13:11 - 2014-03-06 08:17 - 00835584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-04-09 13:11 - 2014-03-06 08:10 - 01036288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-04-09 13:10 - 2014-04-09 13:10 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 13:10 - 2014-04-09 13:10 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
==================== One Month Modified Files and Folders =======
2014-05-04 14:52 - 2014-05-04 14:52 - 00017676 _____ () C:\Users\Irena\Desktop\FRST.txt
2014-05-04 14:52 - 2014-05-04 14:51 - 00000000 ____D () C:\FRST
2014-05-04 14:51 - 2014-05-04 14:51 - 02062336 _____ (Farbar) C:\Users\Irena\Desktop\FRST64.exe
2014-05-04 14:49 - 2014-05-04 14:48 - 00112640 _____ (forum.viry.cz) C:\Users\Irena\Desktop\FRSTLauncher.exe
2014-05-04 14:42 - 2014-01-03 11:35 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-2032549354-2375922053-1315945556-1001
2014-05-04 14:42 - 2013-11-14 14:40 - 01745984 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-05-04 14:42 - 2013-11-14 14:24 - 00738682 _____ () C:\WINDOWS\system32\perfh005.dat
2014-05-04 14:42 - 2013-11-14 14:24 - 00151404 _____ () C:\WINDOWS\system32\perfc005.dat
2014-05-04 14:41 - 2014-01-03 11:35 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Skype
2014-05-04 14:40 - 2014-01-03 22:31 - 00002214 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-05-04 14:40 - 2014-01-03 12:00 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\SmartTweak Software
2014-05-04 14:39 - 2014-04-23 21:24 - 00000000 ____D () C:\AdwCleaner
2014-05-04 14:39 - 2014-01-03 12:00 - 00000000 ____D () C:\Program Files (x86)\SmartTweak
2014-05-04 14:39 - 2014-01-03 11:22 - 00000000 __RDO () C:\Users\Irena\SkyDrive
2014-05-04 14:39 - 2014-01-02 22:38 - 00000972 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf07fa927811ae.job
2014-05-04 14:38 - 2014-01-03 11:32 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Nitro PDF
2014-05-04 14:37 - 2014-01-03 20:39 - 00004844 _____ () C:\WINDOWS\PFRO.log
2014-05-04 14:37 - 2013-08-22 16:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-05-04 14:37 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-05-04 14:36 - 2014-05-04 13:32 - 00000000 ____D () C:\ProgramData\Spyware Terminator
2014-05-04 14:36 - 2014-01-03 19:46 - 01345200 _____ () C:\WINDOWS\WindowsUpdate.log
2014-05-04 14:35 - 2014-01-02 22:38 - 00000976 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf07faa2ef86a2.job
2014-05-04 14:17 - 2014-05-04 14:16 - 01310621 _____ () C:\Users\Irena\Downloads\adwcleaner (1).exe
2014-05-04 14:00 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-05-04 13:32 - 2014-05-04 13:32 - 00051496 _____ (Windows (R) Win 7 DDK provider) C:\WINDOWS\system32\Drivers\stflt.sys
2014-05-04 13:32 - 2014-05-04 13:32 - 00001065 _____ () C:\Users\Public\Desktop\Spyware Terminator 2012.lnk
2014-05-04 13:32 - 2014-05-04 13:32 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Spyware Terminator
2014-05-04 13:32 - 2014-05-04 13:32 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Spyware Terminator 2012
2014-05-04 13:32 - 2014-05-04 13:32 - 00000000 ____D () C:\Program Files (x86)\Spyware Terminator
2014-05-03 17:11 - 2013-08-22 17:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-05-01 19:59 - 2014-05-01 19:59 - 00021629 _____ () C:\Users\Irena\Desktop\INFO KG k dohodám.odt
2014-05-01 19:30 - 2013-08-22 15:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-04-27 16:53 - 2014-01-03 13:17 - 00000000 ____D () C:\ProgramData\StartW8
2014-04-23 21:58 - 2014-01-03 10:31 - 00000000 ____D () C:\Users\Irena
2014-04-23 21:31 - 2014-04-23 21:31 - 334413632 _____ () C:\WINDOWS\MEMORY.DMP
2014-04-23 21:31 - 2014-04-23 21:31 - 00285224 _____ () C:\WINDOWS\Minidump\042314-21656-01.dmp
2014-04-23 21:31 - 2014-04-23 21:31 - 00000000 ____D () C:\WINDOWS\Minidump
2014-04-23 21:27 - 2014-04-23 21:27 - 00000000 ____D () C:\ProgramData\ShopperPro
2014-04-23 21:27 - 2014-04-23 21:27 - 00000000 ____D () C:\ProgramData\RegClean
2014-04-23 21:20 - 2014-04-23 21:20 - 02623656 _____ (VS Revo Group Ltd.) C:\Users\Irena\Downloads\revosetup.exe
2014-04-23 20:30 - 2014-01-02 22:44 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-04-23 20:28 - 2014-01-02 22:44 - 90655440 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-04-23 02:24 - 2013-08-22 17:38 - 00693240 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-04-23 02:24 - 2013-08-22 17:38 - 00105464 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-04-21 16:25 - 2014-04-21 16:25 - 00172032 _____ (Jin Hui E-mail: jinhui@jcomsoft.com Web: http://www.jcomsoft.com) C:\WINDOWS\SysWOW64\AniGIF.ocx
2014-04-21 16:25 - 2014-04-21 16:25 - 00004232 _____ () C:\WINDOWS\System32\Tasks\SPBIW_UpdateTask_Time_3338353139303832352d3437415a556c2a3223346c41
2014-04-21 16:25 - 2014-04-21 16:25 - 00003444 _____ () C:\WINDOWS\System32\Tasks\YTAUpdate
2014-04-21 16:25 - 2014-04-21 16:25 - 00003258 _____ () C:\WINDOWS\System32\Tasks\YTAUpdate_logon
2014-04-21 16:25 - 2014-04-21 16:25 - 00000000 ____D () C:\Program Files\Common Files\ShopperPro
2014-04-21 16:24 - 2014-04-21 16:24 - 00000000 ____D () C:\Users\Irena\AppData\Local\CrashRpt
2014-04-21 16:24 - 2014-01-03 12:00 - 00000000 ____D () C:\Program Files (x86)\Seznam.cz
2014-04-21 16:24 - 2014-01-03 11:59 - 00000000 ____D () C:\Users\Irena\AppData\Roaming\Seznam.cz
2014-04-21 16:23 - 2014-01-03 11:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartW8
2014-04-21 16:22 - 2014-04-21 16:22 - 01258288 _____ () C:\Users\Irena\Downloads\startw8.exe
2014-04-09 13:10 - 2014-04-09 13:10 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-04-09 13:10 - 2014-04-09 13:10 - 02724864 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
Files to move or delete:
====================
C:\ProgramData\Lenovo-5139.vbs
Some content of TEMP:
====================
C:\Users\Irena\AppData\Local\Temp\bitool.dll
C:\Users\Irena\AppData\Local\Temp\cabex.dll
C:\Users\Irena\AppData\Local\Temp\COMAP.EXE
C:\Users\Irena\AppData\Local\Temp\FixMyRegistry.exe
C:\Users\Irena\AppData\Local\Temp\listicka-partner-13415-1.1.2-offline.exe
C:\Users\Irena\AppData\Local\Temp\nsisos.dll
C:\Users\Irena\AppData\Local\Temp\Quarantine.exe
C:\Users\Irena\AppData\Local\Temp\SpeedUpMyComputer.exe
C:\Users\Irena\AppData\Local\Temp\unelevate.exe
C:\Users\Irena\AppData\Local\Temp\UpdateCheckerSetup.exe
C:\Users\Irena\AppData\Local\Temp\ytai_ytareg_setup.exe
C:\Users\Irena\AppData\Local\Temp\{E638ABC1-0067-474b-A379-87CFE81E7848}.exe
==================== Bamital & volsnap Check =================
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit
LastRegBack: 2014-04-23 21:42
===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===
==================== Drive and Memory info ===================
Drive c: (Windows8_OS) (Fixed) (Total:439.16 GB) (Free:387.04 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (CHIPDVD_0314) (CDROM) (Total:6.63 GB) (Free:0 GB) CDFS
Available physical RAM: 342.94 MB
Total physical RAM: 1936.58 MB
Percentage of memory in use: 82%
==================== MBR and Partition Table ==================
Disk: 0 (Size: 466 GB) (Disk ID: E092FB97)
==================== Scheduled Tasks (whitelisted) ==================
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1cf07fa927811ae.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1cf07faa2ef86a2.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
==================== Alternate Data Streams (whitelisted) ==================
AlternateDataStreams: C:\ProgramData\Temp:56E2E879
AlternateDataStreams: C:\Users\Irena\SkyDrive:ms-properties
==================== Security Center ==================
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)
***** Velikost "Plochy" *****
Velikost slozky "C:\Users\Irena\Desktop" je 2 MB.
***** Startup Programs *****
***** Firewall rules *****
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
EnableFirewall REG_DWORD 0x1
DisableNotifications REG_DWORD 0x0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
***** System Restore *****
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000
==================== End Of Log ==============================
Poprosim i o log Addition.txt
Přispějete na provoz fóra?